Computer vulnerabilities of Grafana

Grafana: file reading via MySQL Connection String
A local attacker can read a file via MySQL Connection String of Grafana, in order to obtain sensitive information...
CVE-2019-19499, RHSA-2020:4682-01, VIGILANCE-VUL-33197

Grafana: Cross Site Scripting via Snapshot Original Dashboard Link
An attacker can trigger a Cross Site Scripting via Snapshot Original Dashboard Link of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2020-11110, RHSA-2020:4682-01, VIGILANCE-VUL-32929

Grafana: information disclosure via Avatar HTTP Scan
An attacker can bypass access restrictions to data via Avatar HTTP Scan of Grafana, in order to obtain sensitive information...
CVE-2020-13379, FEDORA-2020-a09e5be0be, FEDORA-2020-e6e81a03d6, openSUSE-SU-2020:0892-1, openSUSE-SU-2020:1105-1, openSUSE-SU-2020:1611-1, openSUSE-SU-2020:1646-1, RHSA-2020:2641-01, RHSA-2020:2676-01, VIGILANCE-VUL-32406

Grafana: Cross Site Scripting via Dashboard Settings
An attacker can trigger a Cross Site Scripting via Dashboard Settings of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2018-18625, VIGILANCE-VUL-32402

Grafana: Cross Site Scripting via Table Panel Set Column Styles
An attacker can trigger a Cross Site Scripting via Table Panel Set Column Styles of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2018-18624, RHSA-2020:4682-01, VIGILANCE-VUL-32401

Grafana: Cross Site Scripting via Text Panel Set Options
An attacker can trigger a Cross Site Scripting via Text Panel Set Options of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2018-18623, VIGILANCE-VUL-32400

Grafana: Cross Site Scripting via OpenTSDB Data Source
An attacker can trigger a Cross Site Scripting via OpenTSDB Data Source of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2020-13430, RHSA-2020:4682-01, VIGILANCE-VUL-32327

Grafana: information disclosure via /var/lib/grafana
An attacker can read /var/lib/grafana on a Grafana host, in order to obtain sensitive information...
8283, CVE-2020-12458, CVE-2020-12459, FEDORA-2020-c6b0c7ebbb, FEDORA-2020-d109a1d1d9, RHSA-2020:4682-01, VIGILANCE-VUL-32155

Grafana: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Grafana, in order to run JavaScript code in the context of the web site...
CVE-2020-12052, CVE-2020-12245, openSUSE-SU-2020:0892-1, openSUSE-SU-2020:1105-1, openSUSE-SU-2020:1611-1, openSUSE-SU-2020:1646-1, RHSA-2020:4682-01, VIGILANCE-VUL-32105

Grafana: Cross Site Scripting via Column Link
An attacker can trigger a Cross Site Scripting via Column Link of Grafana, in order to run JavaScript code in the context of the web site...
VIGILANCE-VUL-31440

Our database contains other pages. You can request a free trial to read them.

Display information about Grafana:

https://grafana.com/